The Consent Template CT003 finalized by the Lending Use Case Council provides a structured framework for obtaining consent from borrowers to monitor their financial activities, ensuring alignment with industry best practices.

This consent template also requires the implementation of the following Codes of Conduct and Technical Guardrails to promote consumer privacy. The Technical Guardrails recommended by the Use Case Council are as follows:

Technical GuardrailResponsibility
FIU to provide disclosure (as a part of the purpose text) that monitoring consent will be activated only if the loan is disbursed.FIU will implement the standardized Purpose text as per the CT003 in their consent request, and later this would be automated as a part of Sahamati’s Fair Use System
FIU to ensure, technically, that data against monitoring consent will get pulled only if a loan is activeFIU will be responsible for configuring their back-end systems to ensure this
At the end of the journey of a rejected/prepaid customer (purpose fulfilled), the customer shall compulsorily be provided an option to revoke monitoring consentFIU to present a redirection link to the AA page/app for the customer to revoke consent live (as a best practice) or through any other communication channel (in case of non-STP journeys)
To ensure that customers are informed about their data being accessed due to prior monitoring consent, consumers should be regularly notified of data pulls and active consents.AA to provide regular notifications to consumers via appropriate communication channels. Frequency to be discussed/decided with the AA Steering Group
Last published17th May 2024
Consent Template Information / AttributesDescription / Upperbounds
Consent Template IDCT003
Use Case CategoryAccount Monitoring
Use caseMonitoring a borrower’s account to verify loan repayment capability
License types consideredBank, NBFC, HFC
Purpose Text (for customers)To monitor borrower’s account to verify loan repayment capability, subject to loan activation
Purpose Text (as per ReBIT)Explicit consent for monitoring of the accounts
Purpose Code104
Purpose Code Category NameFinancial Reporting
FI TypesAll RBI and SEBI FI Types, GSTN
Consent TypesProfile, Summary, Transactions
Maximum Frequency5 times per month
Maximum FI Data Range6 months
Maximum Consent expiryCoterminous with loan tenure
Maximum Data Life1 Month
Last published on:17th May 2024

Note: Loan underwriting and Loan monitoring are two different purposes, and hence, two distinct consents should be sought for these two processes. (Code of Conduct on the same is published here)

Please note that the parameters of the individual consent templates in the Consent Template Library represent upper bounds for the respective use cases, as decided in the relevant User Councils. The parameters in the consent templates should be treated by participant(s) as outer limit(s) and not be construed as legal advice in any manner. Participants are encouraged to review their use case(s) and ensure compliance with applicable laws, including the RBI Master Directions on NBFC-AA and the DPDP Act.

Sahamati will publish additional consent templates as the AA ecosystem evolves based on discussions in the relevant Use Case Councils and the Fair Use Committee. Existing consent templates may also be revised based on statutory and regulatory guidance, including the DPDP Act and the Rules issued thereunder.

<- Back to AA Consent Template Library